fs/jfs/xattr.c

0001 // SPDX-License-Identifier: GPL-2.0-or-later
0002 /*
0003  *   Copyright (C) International Business Machines  Corp., 2000-2004
0004  *   Copyright (C) Christoph Hellwig, 2002
0005  */
0006
0007 #include <linux/capability.h>
0008 #include <linux/fs.h>
0009 #include <linux/xattr.h>
0010 #include <linux/posix_acl_xattr.h>
0011 #include <linux/slab.h>
0012 #include <linux/quotaops.h>
0013 #include <linux/security.h>
0014 #include "jfs_incore.h"
0015 #include "jfs_superblock.h"
0016 #include "jfs_dmap.h"
0017 #include "jfs_debug.h"
0018 #include "jfs_dinode.h"
0019 #include "jfs_extent.h"
0020 #include "jfs_metapage.h"
0021 #include "jfs_xattr.h"
0022 #include "jfs_acl.h"
0023
0024 /*
0025  *  jfs_xattr.c: extended attribute service
0026  *
0027  * Overall design --
0028  *
0029  * Format:
0030  *
0031  *   Extended attribute lists (jfs_ea_list) consist of an overall size (32 bit
0032  *   value) and a variable (0 or more) number of extended attribute
0033  *   entries.  Each extended attribute entry (jfs_ea) is a <name,value> double
0034  *   where <name> is constructed from a null-terminated ascii string
0035  *   (1 ... 255 bytes in the name) and <value> is arbitrary 8 bit data
0036  *   (1 ... 65535 bytes).  The in-memory format is
0037  *
0038  *   0       1        2        4                4 + namelen + 1
0039  *   +-------+--------+--------+----------------+-------------------+
0040  *   | Flags | Name   | Value  | Name String \0 | Data . . . .      |
0041  *   |       | Length | Length |                |                   |
0042  *   +-------+--------+--------+----------------+-------------------+
0043  *
0044  *   A jfs_ea_list then is structured as
0045  *
0046  *   0            4                   4 + EA_SIZE(ea1)
0047  *   +------------+-------------------+--------------------+-----
0048  *   | Overall EA | First FEA Element | Second FEA Element | .....
0049  *   | List Size  |                   |                    |
0050  *   +------------+-------------------+--------------------+-----
0051  *
0052  *   On-disk:
0053  *
0054  *  FEALISTs are stored on disk using blocks allocated by dbAlloc() and
0055  *  written directly. An EA list may be in-lined in the inode if there is
0056  *  sufficient room available.
0057  */
0058
0059 struct ea_buffer {
0060     int flag;       /* Indicates what storage xattr points to */
0061     int max_size;       /* largest xattr that fits in current buffer */
0062     dxd_t new_ea;       /* dxd to replace ea when modifying xattr */
0063     struct metapage *mp;    /* metapage containing ea list */
0064     struct jfs_ea_list *xattr;  /* buffer containing ea list */
0065 };
0066
0067 /*
0068  * ea_buffer.flag values
0069  */
0070 #define EA_INLINE   0x0001
0071 #define EA_EXTENT   0x0002
0072 #define EA_NEW      0x0004
0073 #define EA_MALLOC   0x0008
0074
0075
0076 /*
0077  * Mapping of on-disk attribute names: for on-disk attribute names with an
0078  * unknown prefix (not "system.", "user.", "security.", or "trusted."), the
0079  * prefix "os2." is prepended.  On the way back to disk, "os2." prefixes are
0080  * stripped and we make sure that the remaining name does not start with one
0081  * of the know prefixes.
0082  */
0083
0084 static int is_known_namespace(const char *name)
0085 {
0086     if (strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN) &&
0087         strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN) &&
0088         strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN) &&
0089         strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN))
0090         return false;
0091
0092     return true;
0093 }
0094
0095 static inline int name_size(struct jfs_ea *ea)
0096 {
0097     if (is_known_namespace(ea->name))
0098         return ea->namelen;
0099     else
0100         return ea->namelen + XATTR_OS2_PREFIX_LEN;
0101 }
0102
0103 static inline int copy_name(char *buffer, struct jfs_ea *ea)
0104 {
0105     int len = ea->namelen;
0106
0107     if (!is_known_namespace(ea->name)) {
0108         memcpy(buffer, XATTR_OS2_PREFIX, XATTR_OS2_PREFIX_LEN);
0109         buffer += XATTR_OS2_PREFIX_LEN;
0110         len += XATTR_OS2_PREFIX_LEN;
0111     }
0112     memcpy(buffer, ea->name, ea->namelen);
0113     buffer[ea->namelen] = 0;
0114
0115     return len;
0116 }
0117
0118 /* Forward references */
0119 static void ea_release(struct inode *inode, struct ea_buffer *ea_buf);
0120
0121 /*
0122  * NAME: ea_write_inline
0123  *
0124  * FUNCTION: Attempt to write an EA inline if area is available
0125  *
0126  * PRE CONDITIONS:
0127  *  Already verified that the specified EA is small enough to fit inline
0128  *
0129  * PARAMETERS:
0130  *  ip  - Inode pointer
0131  *  ealist  - EA list pointer
0132  *  size    - size of ealist in bytes
0133  *  ea  - dxd_t structure to be filled in with necessary EA information
0134  *        if we successfully copy the EA inline
0135  *
0136  * NOTES:
0137  *  Checks if the inode's inline area is available.  If so, copies EA inline
0138  *  and sets <ea> fields appropriately.  Otherwise, returns failure, EA will
0139  *  have to be put into an extent.
0140  *
0141  * RETURNS: 0 for successful copy to inline area; -1 if area not available
0142  */
0143 static int ea_write_inline(struct inode *ip, struct jfs_ea_list *ealist,
0144                int size, dxd_t * ea)
0145 {
0146     struct jfs_inode_info *ji = JFS_IP(ip);
0147
0148     /*
0149      * Make sure we have an EA -- the NULL EA list is valid, but you
0150      * can't copy it!
0151      */
0152     if (ealist && size > sizeof (struct jfs_ea_list)) {
0153         assert(size <= sizeof (ji->i_inline_ea));
0154
0155         /*
0156          * See if the space is available or if it is already being
0157          * used for an inline EA.
0158          */
0159         if (!(ji->mode2 & INLINEEA) && !(ji->ea.flag & DXD_INLINE))
0160             return -EPERM;
0161
0162         DXDsize(ea, size);
0163         DXDlength(ea, 0);
0164         DXDaddress(ea, 0);
0165         memcpy(ji->i_inline_ea, ealist, size);
0166         ea->flag = DXD_INLINE;
0167         ji->mode2 &= ~INLINEEA;
0168     } else {
0169         ea->flag = 0;
0170         DXDsize(ea, 0);
0171         DXDlength(ea, 0);
0172         DXDaddress(ea, 0);
0173
0174         /* Free up INLINE area */
0175         if (ji->ea.flag & DXD_INLINE)
0176             ji->mode2 |= INLINEEA;
0177     }
0178
0179     return 0;
0180 }
0181
0182 /*
0183  * NAME: ea_write
0184  *
0185  * FUNCTION: Write an EA for an inode
0186  *
0187  * PRE CONDITIONS: EA has been verified
0188  *
0189  * PARAMETERS:
0190  *  ip  - Inode pointer
0191  *  ealist  - EA list pointer
0192  *  size    - size of ealist in bytes
0193  *  ea  - dxd_t structure to be filled in appropriately with where the
0194  *        EA was copied
0195  *
0196  * NOTES: Will write EA inline if able to, otherwise allocates blocks for an
0197  *  extent and synchronously writes it to those blocks.
0198  *
0199  * RETURNS: 0 for success; Anything else indicates failure
0200  */
0201 static int ea_write(struct inode *ip, struct jfs_ea_list *ealist, int size,
0202                dxd_t * ea)
0203 {
0204     struct super_block *sb = ip->i_sb;
0205     struct jfs_inode_info *ji = JFS_IP(ip);
0206     struct jfs_sb_info *sbi = JFS_SBI(sb);
0207     int nblocks;
0208     s64 blkno;
0209     int rc = 0, i;
0210     char *cp;
0211     s32 nbytes, nb;
0212     s32 bytes_to_write;
0213     struct metapage *mp;
0214
0215     /*
0216      * Quick check to see if this is an in-linable EA.  Short EAs
0217      * and empty EAs are all in-linable, provided the space exists.
0218      */
0219     if (!ealist || size <= sizeof (ji->i_inline_ea)) {
0220         if (!ea_write_inline(ip, ealist, size, ea))
0221             return 0;
0222     }
0223
0224     /* figure out how many blocks we need */
0225     nblocks = (size + (sb->s_blocksize - 1)) >> sb->s_blocksize_bits;
0226
0227     /* Allocate new blocks to quota. */
0228     rc = dquot_alloc_block(ip, nblocks);
0229     if (rc)
0230         return rc;
0231
0232     rc = dbAlloc(ip, INOHINT(ip), nblocks, &blkno);
0233     if (rc) {
0234         /*Rollback quota allocation. */
0235         dquot_free_block(ip, nblocks);
0236         return rc;
0237     }
0238
0239     /*
0240      * Now have nblocks worth of storage to stuff into the FEALIST.
0241      * loop over the FEALIST copying data into the buffer one page at
0242      * a time.
0243      */
0244     cp = (char *) ealist;
0245     nbytes = size;
0246     for (i = 0; i < nblocks; i += sbi->nbperpage) {
0247         /*
0248          * Determine how many bytes for this request, and round up to
0249          * the nearest aggregate block size
0250          */
0251         nb = min(PSIZE, nbytes);
0252         bytes_to_write =
0253             ((((nb + sb->s_blocksize - 1)) >> sb->s_blocksize_bits))
0254             << sb->s_blocksize_bits;
0255
0256         if (!(mp = get_metapage(ip, blkno + i, bytes_to_write, 1))) {
0257             rc = -EIO;
0258             goto failed;
0259         }
0260
0261         memcpy(mp->data, cp, nb);
0262
0263         /*
0264          * We really need a way to propagate errors for
0265          * forced writes like this one.  --hch
0266          *
0267          * (__write_metapage => release_metapage => flush_metapage)
0268          */
0269 #ifdef _JFS_FIXME
0270         if ((rc = flush_metapage(mp))) {
0271             /*
0272              * the write failed -- this means that the buffer
0273              * is still assigned and the blocks are not being
0274              * used.  this seems like the best error recovery
0275              * we can get ...
0276              */
0277             goto failed;
0278         }
0279 #else
0280         flush_metapage(mp);
0281 #endif
0282
0283         cp += PSIZE;
0284         nbytes -= nb;
0285     }
0286
0287     ea->flag = DXD_EXTENT;
0288     DXDsize(ea, le32_to_cpu(ealist->size));
0289     DXDlength(ea, nblocks);
0290     DXDaddress(ea, blkno);
0291
0292     /* Free up INLINE area */
0293     if (ji->ea.flag & DXD_INLINE)
0294         ji->mode2 |= INLINEEA;
0295
0296     return 0;
0297
0298       failed:
0299     /* Rollback quota allocation. */
0300     dquot_free_block(ip, nblocks);
0301
0302     dbFree(ip, blkno, nblocks);
0303     return rc;
0304 }
0305
0306 /*
0307  * NAME: ea_read_inline
0308  *
0309  * FUNCTION: Read an inlined EA into user's buffer
0310  *
0311  * PARAMETERS:
0312  *  ip  - Inode pointer
0313  *  ealist  - Pointer to buffer to fill in with EA
0314  *
0315  * RETURNS: 0
0316  */
0317 static int ea_read_inline(struct inode *ip, struct jfs_ea_list *ealist)
0318 {
0319     struct jfs_inode_info *ji = JFS_IP(ip);
0320     int ea_size = sizeDXD(&ji->ea);
0321
0322     if (ea_size == 0) {
0323         ealist->size = 0;
0324         return 0;
0325     }
0326
0327     /* Sanity Check */
0328     if ((sizeDXD(&ji->ea) > sizeof (ji->i_inline_ea)))
0329         return -EIO;
0330     if (le32_to_cpu(((struct jfs_ea_list *) &ji->i_inline_ea)->size)
0331         != ea_size)
0332         return -EIO;
0333
0334     memcpy(ealist, ji->i_inline_ea, ea_size);
0335     return 0;
0336 }
0337
0338 /*
0339  * NAME: ea_read
0340  *
0341  * FUNCTION: copy EA data into user's buffer
0342  *
0343  * PARAMETERS:
0344  *  ip  - Inode pointer
0345  *  ealist  - Pointer to buffer to fill in with EA
0346  *
0347  * NOTES:  If EA is inline calls ea_read_inline() to copy EA.
0348  *
0349  * RETURNS: 0 for success; other indicates failure
0350  */
0351 static int ea_read(struct inode *ip, struct jfs_ea_list *ealist)
0352 {
0353     struct super_block *sb = ip->i_sb;
0354     struct jfs_inode_info *ji = JFS_IP(ip);
0355     struct jfs_sb_info *sbi = JFS_SBI(sb);
0356     int nblocks;
0357     s64 blkno;
0358     char *cp = (char *) ealist;
0359     int i;
0360     int nbytes, nb;
0361     s32 bytes_to_read;
0362     struct metapage *mp;
0363
0364     /* quick check for in-line EA */
0365     if (ji->ea.flag & DXD_INLINE)
0366         return ea_read_inline(ip, ealist);
0367
0368     nbytes = sizeDXD(&ji->ea);
0369     if (!nbytes) {
0370         jfs_error(sb, "nbytes is 0\n");
0371         return -EIO;
0372     }
0373
0374     /*
0375      * Figure out how many blocks were allocated when this EA list was
0376      * originally written to disk.
0377      */
0378     nblocks = lengthDXD(&ji->ea) << sbi->l2nbperpage;
0379     blkno = addressDXD(&ji->ea) << sbi->l2nbperpage;
0380
0381     /*
0382      * I have found the disk blocks which were originally used to store
0383      * the FEALIST.  now i loop over each contiguous block copying the
0384      * data into the buffer.
0385      */
0386     for (i = 0; i < nblocks; i += sbi->nbperpage) {
0387         /*
0388          * Determine how many bytes for this request, and round up to
0389          * the nearest aggregate block size
0390          */
0391         nb = min(PSIZE, nbytes);
0392         bytes_to_read =
0393             ((((nb + sb->s_blocksize - 1)) >> sb->s_blocksize_bits))
0394             << sb->s_blocksize_bits;
0395
0396         if (!(mp = read_metapage(ip, blkno + i, bytes_to_read, 1)))
0397             return -EIO;
0398
0399         memcpy(cp, mp->data, nb);
0400         release_metapage(mp);
0401
0402         cp += PSIZE;
0403         nbytes -= nb;
0404     }
0405
0406     return 0;
0407 }
0408
0409 /*
0410  * NAME: ea_get
0411  *
0412  * FUNCTION: Returns buffer containing existing extended attributes.
0413  *       The size of the buffer will be the larger of the existing
0414  *       attributes size, or min_size.
0415  *
0416  *       The buffer, which may be inlined in the inode or in the
0417  *       page cache must be release by calling ea_release or ea_put
0418  *
0419  * PARAMETERS:
0420  *  inode   - Inode pointer
0421  *  ea_buf  - Structure to be populated with ealist and its metadata
0422  *  min_size- minimum size of buffer to be returned
0423  *
0424  * RETURNS: 0 for success; Other indicates failure
0425  */
0426 static int ea_get(struct inode *inode, struct ea_buffer *ea_buf, int min_size)
0427 {
0428     struct jfs_inode_info *ji = JFS_IP(inode);
0429     struct super_block *sb = inode->i_sb;
0430     int size;
0431     int ea_size = sizeDXD(&ji->ea);
0432     int blocks_needed, current_blocks;
0433     s64 blkno;
0434     int rc;
0435     int quota_allocation = 0;
0436
0437     /* When fsck.jfs clears a bad ea, it doesn't clear the size */
0438     if (ji->ea.flag == 0)
0439         ea_size = 0;
0440
0441     if (ea_size == 0) {
0442         if (min_size == 0) {
0443             ea_buf->flag = 0;
0444             ea_buf->max_size = 0;
0445             ea_buf->xattr = NULL;
0446             return 0;
0447         }
0448         if ((min_size <= sizeof (ji->i_inline_ea)) &&
0449             (ji->mode2 & INLINEEA)) {
0450             ea_buf->flag = EA_INLINE | EA_NEW;
0451             ea_buf->max_size = sizeof (ji->i_inline_ea);
0452             ea_buf->xattr = (struct jfs_ea_list *) ji->i_inline_ea;
0453             DXDlength(&ea_buf->new_ea, 0);
0454             DXDaddress(&ea_buf->new_ea, 0);
0455             ea_buf->new_ea.flag = DXD_INLINE;
0456             DXDsize(&ea_buf->new_ea, min_size);
0457             return 0;
0458         }
0459         current_blocks = 0;
0460     } else if (ji->ea.flag & DXD_INLINE) {
0461         if (min_size <= sizeof (ji->i_inline_ea)) {
0462             ea_buf->flag = EA_INLINE;
0463             ea_buf->max_size = sizeof (ji->i_inline_ea);
0464             ea_buf->xattr = (struct jfs_ea_list *) ji->i_inline_ea;
0465             goto size_check;
0466         }
0467         current_blocks = 0;
0468     } else {
0469         if (!(ji->ea.flag & DXD_EXTENT)) {
0470             jfs_error(sb, "invalid ea.flag\n");
0471             return -EIO;
0472         }
0473         current_blocks = (ea_size + sb->s_blocksize - 1) >>
0474             sb->s_blocksize_bits;
0475     }
0476     size = max(min_size, ea_size);
0477
0478     if (size > PSIZE) {
0479         /*
0480          * To keep the rest of the code simple.  Allocate a
0481          * contiguous buffer to work with. Make the buffer large
0482          * enough to make use of the whole extent.
0483          */
0484         ea_buf->max_size = (size + sb->s_blocksize - 1) &
0485             ~(sb->s_blocksize - 1);
0486
0487         ea_buf->xattr = kmalloc(ea_buf->max_size, GFP_KERNEL);
0488         if (ea_buf->xattr == NULL)
0489             return -ENOMEM;
0490
0491         ea_buf->flag = EA_MALLOC;
0492
0493         if (ea_size == 0)
0494             return 0;
0495
0496         if ((rc = ea_read(inode, ea_buf->xattr))) {
0497             kfree(ea_buf->xattr);
0498             ea_buf->xattr = NULL;
0499             return rc;
0500         }
0501         goto size_check;
0502     }
0503     blocks_needed = (min_size + sb->s_blocksize - 1) >>
0504         sb->s_blocksize_bits;
0505
0506     if (blocks_needed > current_blocks) {
0507         /* Allocate new blocks to quota. */
0508         rc = dquot_alloc_block(inode, blocks_needed);
0509         if (rc)
0510             return -EDQUOT;
0511
0512         quota_allocation = blocks_needed;
0513
0514         rc = dbAlloc(inode, INOHINT(inode), (s64) blocks_needed,
0515                  &blkno);
0516         if (rc)
0517             goto clean_up;
0518
0519         DXDlength(&ea_buf->new_ea, blocks_needed);
0520         DXDaddress(&ea_buf->new_ea, blkno);
0521         ea_buf->new_ea.flag = DXD_EXTENT;
0522         DXDsize(&ea_buf->new_ea, min_size);
0523
0524         ea_buf->flag = EA_EXTENT | EA_NEW;
0525
0526         ea_buf->mp = get_metapage(inode, blkno,
0527                       blocks_needed << sb->s_blocksize_bits,
0528                       1);
0529         if (ea_buf->mp == NULL) {
0530             dbFree(inode, blkno, (s64) blocks_needed);
0531             rc = -EIO;
0532             goto clean_up;
0533         }
0534         ea_buf->xattr = ea_buf->mp->data;
0535         ea_buf->max_size = (min_size + sb->s_blocksize - 1) &
0536             ~(sb->s_blocksize - 1);
0537         if (ea_size == 0)
0538             return 0;
0539         if ((rc = ea_read(inode, ea_buf->xattr))) {
0540             discard_metapage(ea_buf->mp);
0541             dbFree(inode, blkno, (s64) blocks_needed);
0542             goto clean_up;
0543         }
0544         goto size_check;
0545     }
0546     ea_buf->flag = EA_EXTENT;
0547     ea_buf->mp = read_metapage(inode, addressDXD(&ji->ea),
0548                    lengthDXD(&ji->ea) << sb->s_blocksize_bits,
0549                    1);
0550     if (ea_buf->mp == NULL) {
0551         rc = -EIO;
0552         goto clean_up;
0553     }
0554     ea_buf->xattr = ea_buf->mp->data;
0555     ea_buf->max_size = (ea_size + sb->s_blocksize - 1) &
0556         ~(sb->s_blocksize - 1);
0557
0558       size_check:
0559     if (EALIST_SIZE(ea_buf->xattr) != ea_size) {
0560         printk(KERN_ERR "ea_get: invalid extended attribute\n");
0561         print_hex_dump(KERN_ERR, "", DUMP_PREFIX_ADDRESS, 16, 1,
0562                      ea_buf->xattr, ea_size, 1);
0563         ea_release(inode, ea_buf);
0564         rc = -EIO;
0565         goto clean_up;
0566     }
0567
0568     return ea_size;
0569
0570       clean_up:
0571     /* Rollback quota allocation */
0572     if (quota_allocation)
0573         dquot_free_block(inode, quota_allocation);
0574
0575     return (rc);
0576 }
0577
0578 static void ea_release(struct inode *inode, struct ea_buffer *ea_buf)
0579 {
0580     if (ea_buf->flag & EA_MALLOC)
0581         kfree(ea_buf->xattr);
0582     else if (ea_buf->flag & EA_EXTENT) {
0583         assert(ea_buf->mp);
0584         release_metapage(ea_buf->mp);
0585
0586         if (ea_buf->flag & EA_NEW)
0587             dbFree(inode, addressDXD(&ea_buf->new_ea),
0588                    lengthDXD(&ea_buf->new_ea));
0589     }
0590 }
0591
0592 static int ea_put(tid_t tid, struct inode *inode, struct ea_buffer *ea_buf,
0593           int new_size)
0594 {
0595     struct jfs_inode_info *ji = JFS_IP(inode);
0596     unsigned long old_blocks, new_blocks;
0597     int rc = 0;
0598
0599     if (new_size == 0) {
0600         ea_release(inode, ea_buf);
0601         ea_buf = NULL;
0602     } else if (ea_buf->flag & EA_INLINE) {
0603         assert(new_size <= sizeof (ji->i_inline_ea));
0604         ji->mode2 &= ~INLINEEA;
0605         ea_buf->new_ea.flag = DXD_INLINE;
0606         DXDsize(&ea_buf->new_ea, new_size);
0607         DXDaddress(&ea_buf->new_ea, 0);
0608         DXDlength(&ea_buf->new_ea, 0);
0609     } else if (ea_buf->flag & EA_MALLOC) {
0610         rc = ea_write(inode, ea_buf->xattr, new_size, &ea_buf->new_ea);
0611         kfree(ea_buf->xattr);
0612     } else if (ea_buf->flag & EA_NEW) {
0613         /* We have already allocated a new dxd */
0614         flush_metapage(ea_buf->mp);
0615     } else {
0616         /* ->xattr must point to original ea's metapage */
0617         rc = ea_write(inode, ea_buf->xattr, new_size, &ea_buf->new_ea);
0618         discard_metapage(ea_buf->mp);
0619     }
0620     if (rc)
0621         return rc;
0622
0623     old_blocks = new_blocks = 0;
0624
0625     if (ji->ea.flag & DXD_EXTENT) {
0626         invalidate_dxd_metapages(inode, ji->ea);
0627         old_blocks = lengthDXD(&ji->ea);
0628     }
0629
0630     if (ea_buf) {
0631         txEA(tid, inode, &ji->ea, &ea_buf->new_ea);
0632         if (ea_buf->new_ea.flag & DXD_EXTENT) {
0633             new_blocks = lengthDXD(&ea_buf->new_ea);
0634             if (ji->ea.flag & DXD_INLINE)
0635                 ji->mode2 |= INLINEEA;
0636         }
0637         ji->ea = ea_buf->new_ea;
0638     } else {
0639         txEA(tid, inode, &ji->ea, NULL);
0640         if (ji->ea.flag & DXD_INLINE)
0641             ji->mode2 |= INLINEEA;
0642         ji->ea.flag = 0;
0643         ji->ea.size = 0;
0644     }
0645
0646     /* If old blocks exist, they must be removed from quota allocation. */
0647     if (old_blocks)
0648         dquot_free_block(inode, old_blocks);
0649
0650     inode->i_ctime = current_time(inode);
0651
0652     return 0;
0653 }
0654
0655 int __jfs_setxattr(tid_t tid, struct inode *inode, const char *name,
0656            const void *value, size_t value_len, int flags)
0657 {
0658     struct jfs_ea_list *ealist;
0659     struct jfs_ea *ea, *old_ea = NULL, *next_ea = NULL;
0660     struct ea_buffer ea_buf;
0661     int old_ea_size = 0;
0662     int xattr_size;
0663     int new_size;
0664     int namelen = strlen(name);
0665     int found = 0;
0666     int rc;
0667     int length;
0668
0669     down_write(&JFS_IP(inode)->xattr_sem);
0670
0671     xattr_size = ea_get(inode, &ea_buf, 0);
0672     if (xattr_size < 0) {
0673         rc = xattr_size;
0674         goto out;
0675     }
0676
0677       again:
0678     ealist = (struct jfs_ea_list *) ea_buf.xattr;
0679     new_size = sizeof (struct jfs_ea_list);
0680
0681     if (xattr_size) {
0682         for (ea = FIRST_EA(ealist); ea < END_EALIST(ealist);
0683              ea = NEXT_EA(ea)) {
0684             if ((namelen == ea->namelen) &&
0685                 (memcmp(name, ea->name, namelen) == 0)) {
0686                 found = 1;
0687                 if (flags & XATTR_CREATE) {
0688                     rc = -EEXIST;
0689                     goto release;
0690                 }
0691                 old_ea = ea;
0692                 old_ea_size = EA_SIZE(ea);
0693                 next_ea = NEXT_EA(ea);
0694             } else
0695                 new_size += EA_SIZE(ea);
0696         }
0697     }
0698
0699     if (!found) {
0700         if (flags & XATTR_REPLACE) {
0701             rc = -ENODATA;
0702             goto release;
0703         }
0704         if (value == NULL) {
0705             rc = 0;
0706             goto release;
0707         }
0708     }
0709     if (value)
0710         new_size += sizeof (struct jfs_ea) + namelen + 1 + value_len;
0711
0712     if (new_size > ea_buf.max_size) {
0713         /*
0714          * We need to allocate more space for merged ea list.
0715          * We should only have loop to again: once.
0716          */
0717         ea_release(inode, &ea_buf);
0718         xattr_size = ea_get(inode, &ea_buf, new_size);
0719         if (xattr_size < 0) {
0720             rc = xattr_size;
0721             goto out;
0722         }
0723         goto again;
0724     }
0725
0726     /* Remove old ea of the same name */
0727     if (found) {
0728         /* number of bytes following target EA */
0729         length = (char *) END_EALIST(ealist) - (char *) next_ea;
0730         if (length > 0)
0731             memmove(old_ea, next_ea, length);
0732         xattr_size -= old_ea_size;
0733     }
0734
0735     /* Add new entry to the end */
0736     if (value) {
0737         if (xattr_size == 0)
0738             /* Completely new ea list */
0739             xattr_size = sizeof (struct jfs_ea_list);
0740
0741         /*
0742          * The size of EA value is limitted by on-disk format up to
0743          *  __le16, there would be an overflow if the size is equal
0744          * to XATTR_SIZE_MAX (65536).  In order to avoid this issue,
0745          * we can pre-checkup the value size against USHRT_MAX, and
0746          * return -E2BIG in this case, which is consistent with the
0747          * VFS setxattr interface.
0748          */
0749         if (value_len >= USHRT_MAX) {
0750             rc = -E2BIG;
0751             goto release;
0752         }
0753
0754         ea = (struct jfs_ea *) ((char *) ealist + xattr_size);
0755         ea->flag = 0;
0756         ea->namelen = namelen;
0757         ea->valuelen = (cpu_to_le16(value_len));
0758         memcpy(ea->name, name, namelen);
0759         ea->name[namelen] = 0;
0760         if (value_len)
0761             memcpy(&ea->name[namelen + 1], value, value_len);
0762         xattr_size += EA_SIZE(ea);
0763     }
0764
0765     /* DEBUG - If we did this right, these number match */
0766     if (xattr_size != new_size) {
0767         printk(KERN_ERR
0768                "__jfs_setxattr: xattr_size = %d, new_size = %d\n",
0769                xattr_size, new_size);
0770
0771         rc = -EINVAL;
0772         goto release;
0773     }
0774
0775     /*
0776      * If we're left with an empty list, there's no ea
0777      */
0778     if (new_size == sizeof (struct jfs_ea_list))
0779         new_size = 0;
0780
0781     ealist->size = cpu_to_le32(new_size);
0782
0783     rc = ea_put(tid, inode, &ea_buf, new_size);
0784
0785     goto out;
0786       release:
0787     ea_release(inode, &ea_buf);
0788       out:
0789     up_write(&JFS_IP(inode)->xattr_sem);
0790
0791     return rc;
0792 }
0793
0794 ssize_t __jfs_getxattr(struct inode *inode, const char *name, void *data,
0795                size_t buf_size)
0796 {
0797     struct jfs_ea_list *ealist;
0798     struct jfs_ea *ea;
0799     struct ea_buffer ea_buf;
0800     int xattr_size;
0801     ssize_t size;
0802     int namelen = strlen(name);
0803     char *value;
0804
0805     down_read(&JFS_IP(inode)->xattr_sem);
0806
0807     xattr_size = ea_get(inode, &ea_buf, 0);
0808
0809     if (xattr_size < 0) {
0810         size = xattr_size;
0811         goto out;
0812     }
0813
0814     if (xattr_size == 0)
0815         goto not_found;
0816
0817     ealist = (struct jfs_ea_list *) ea_buf.xattr;
0818
0819     /* Find the named attribute */
0820     for (ea = FIRST_EA(ealist); ea < END_EALIST(ealist); ea = NEXT_EA(ea))
0821         if ((namelen == ea->namelen) &&
0822             memcmp(name, ea->name, namelen) == 0) {
0823             /* Found it */
0824             size = le16_to_cpu(ea->valuelen);
0825             if (!data)
0826                 goto release;
0827             else if (size > buf_size) {
0828                 size = -ERANGE;
0829                 goto release;
0830             }
0831             value = ((char *) &ea->name) + ea->namelen + 1;
0832             memcpy(data, value, size);
0833             goto release;
0834         }
0835       not_found:
0836     size = -ENODATA;
0837       release:
0838     ea_release(inode, &ea_buf);
0839       out:
0840     up_read(&JFS_IP(inode)->xattr_sem);
0841
0842     return size;
0843 }
0844
0845 /*
0846  * No special permissions are needed to list attributes except for trusted.*
0847  */
0848 static inline int can_list(struct jfs_ea *ea)
0849 {
0850     return (strncmp(ea->name, XATTR_TRUSTED_PREFIX,
0851                 XATTR_TRUSTED_PREFIX_LEN) ||
0852         capable(CAP_SYS_ADMIN));
0853 }
0854
0855 ssize_t jfs_listxattr(struct dentry * dentry, char *data, size_t buf_size)
0856 {
0857     struct inode *inode = d_inode(dentry);
0858     char *buffer;
0859     ssize_t size = 0;
0860     int xattr_size;
0861     struct jfs_ea_list *ealist;
0862     struct jfs_ea *ea;
0863     struct ea_buffer ea_buf;
0864
0865     down_read(&JFS_IP(inode)->xattr_sem);
0866
0867     xattr_size = ea_get(inode, &ea_buf, 0);
0868     if (xattr_size < 0) {
0869         size = xattr_size;
0870         goto out;
0871     }
0872
0873     if (xattr_size == 0)
0874         goto release;
0875
0876     ealist = (struct jfs_ea_list *) ea_buf.xattr;
0877
0878     /* compute required size of list */
0879     for (ea = FIRST_EA(ealist); ea < END_EALIST(ealist); ea = NEXT_EA(ea)) {
0880         if (can_list(ea))
0881             size += name_size(ea) + 1;
0882     }
0883
0884     if (!data)
0885         goto release;
0886
0887     if (size > buf_size) {
0888         size = -ERANGE;
0889         goto release;
0890     }
0891
0892     /* Copy attribute names to buffer */
0893     buffer = data;
0894     for (ea = FIRST_EA(ealist); ea < END_EALIST(ealist); ea = NEXT_EA(ea)) {
0895         if (can_list(ea)) {
0896             int namelen = copy_name(buffer, ea);
0897             buffer += namelen + 1;
0898         }
0899     }
0900
0901       release:
0902     ea_release(inode, &ea_buf);
0903       out:
0904     up_read(&JFS_IP(inode)->xattr_sem);
0905     return size;
0906 }
0907
0908 static int __jfs_xattr_set(struct inode *inode, const char *name,
0909                const void *value, size_t size, int flags)
0910 {
0911     struct jfs_inode_info *ji = JFS_IP(inode);
0912     tid_t tid;
0913     int rc;
0914
0915     tid = txBegin(inode->i_sb, 0);
0916     mutex_lock(&ji->commit_mutex);
0917     rc = __jfs_setxattr(tid, inode, name, value, size, flags);
0918     if (!rc)
0919         rc = txCommit(tid, 1, &inode, 0);
0920     txEnd(tid);
0921     mutex_unlock(&ji->commit_mutex);
0922
0923     return rc;
0924 }
0925
0926 static int jfs_xattr_get(const struct xattr_handler *handler,
0927              struct dentry *unused, struct inode *inode,
0928              const char *name, void *value, size_t size)
0929 {
0930     name = xattr_full_name(handler, name);
0931     return __jfs_getxattr(inode, name, value, size);
0932 }
0933
0934 static int jfs_xattr_set(const struct xattr_handler *handler,
0935              struct user_namespace *mnt_userns,
0936              struct dentry *unused, struct inode *inode,
0937              const char *name, const void *value,
0938              size_t size, int flags)
0939 {
0940     name = xattr_full_name(handler, name);
0941     return __jfs_xattr_set(inode, name, value, size, flags);
0942 }
0943
0944 static int jfs_xattr_get_os2(const struct xattr_handler *handler,
0945                  struct dentry *unused, struct inode *inode,
0946                  const char *name, void *value, size_t size)
0947 {
0948     if (is_known_namespace(name))
0949         return -EOPNOTSUPP;
0950     return __jfs_getxattr(inode, name, value, size);
0951 }
0952
0953 static int jfs_xattr_set_os2(const struct xattr_handler *handler,
0954                  struct user_namespace *mnt_userns,
0955                  struct dentry *unused, struct inode *inode,
0956                  const char *name, const void *value,
0957                  size_t size, int flags)
0958 {
0959     if (is_known_namespace(name))
0960         return -EOPNOTSUPP;
0961     return __jfs_xattr_set(inode, name, value, size, flags);
0962 }
0963
0964 static const struct xattr_handler jfs_user_xattr_handler = {
0965     .prefix = XATTR_USER_PREFIX,
0966     .get = jfs_xattr_get,
0967     .set = jfs_xattr_set,
0968 };
0969
0970 static const struct xattr_handler jfs_os2_xattr_handler = {
0971     .prefix = XATTR_OS2_PREFIX,
0972     .get = jfs_xattr_get_os2,
0973     .set = jfs_xattr_set_os2,
0974 };
0975
0976 static const struct xattr_handler jfs_security_xattr_handler = {
0977     .prefix = XATTR_SECURITY_PREFIX,
0978     .get = jfs_xattr_get,
0979     .set = jfs_xattr_set,
0980 };
0981
0982 static const struct xattr_handler jfs_trusted_xattr_handler = {
0983     .prefix = XATTR_TRUSTED_PREFIX,
0984     .get = jfs_xattr_get,
0985     .set = jfs_xattr_set,
0986 };
0987
0988 const struct xattr_handler *jfs_xattr_handlers[] = {
0989 #ifdef CONFIG_JFS_POSIX_ACL
0990     &posix_acl_access_xattr_handler,
0991     &posix_acl_default_xattr_handler,
0992 #endif
0993     &jfs_os2_xattr_handler,
0994     &jfs_user_xattr_handler,
0995     &jfs_security_xattr_handler,
0996     &jfs_trusted_xattr_handler,
0997     NULL,
0998 };
0999
1000
1001 #ifdef CONFIG_JFS_SECURITY
1002 static int jfs_initxattrs(struct inode *inode, const struct xattr *xattr_array,
1003               void *fs_info)
1004 {
1005     const struct xattr *xattr;
1006     tid_t *tid = fs_info;
1007     char *name;
1008     int err = 0;
1009
1010     for (xattr = xattr_array; xattr->name != NULL; xattr++) {
1011         name = kmalloc(XATTR_SECURITY_PREFIX_LEN +
1012                    strlen(xattr->name) + 1, GFP_NOFS);
1013         if (!name) {
1014             err = -ENOMEM;
1015             break;
1016         }
1017         strcpy(name, XATTR_SECURITY_PREFIX);
1018         strcpy(name + XATTR_SECURITY_PREFIX_LEN, xattr->name);
1019
1020         err = __jfs_setxattr(*tid, inode, name,
1021                      xattr->value, xattr->value_len, 0);
1022         kfree(name);
1023         if (err < 0)
1024             break;
1025     }
1026     return err;
1027 }
1028
1029 int jfs_init_security(tid_t tid, struct inode *inode, struct inode *dir,
1030               const struct qstr *qstr)
1031 {
1032     return security_inode_init_security(inode, dir, qstr,
1033                         &jfs_initxattrs, &tid);
1034 }
1035 #endif